If only a day had 48 hours…

Ubuntu .local domain resolving issues and iptables prerouting

In the past few days I’ve been helping a new colleague at my current job with getting his development area set up in Ubuntu. Most of us work with Windows, including myself since I’m not working on my laptop but on a provided desktop, so helping someone with Ubuntu is nice for a change.

But we ran into a problem that I couldn’t explain right away: if we tried to “ssh” to our svn repository it didn’t resolve the hostname, while “normal” host lookup programs had no trouble resolving it at all. So I posted the problem on the Ubuntu forums. Unfortunately the first response was a bit disappointing: “does it work when you try to ssh via ip?”… So I thought, let’s call a friend who helps me out more often in cases like these. And indeed he knew the answer. It seems that avahi is causing this problem. I’ve not yet found out why avahi is doing this, but I guess it’s a bad idea to use avahi while you need to work with a “.local” domain.

I wanted to know why avahi did this, so I thought, let’s join the Ubuntu IRC channel. Unfortunately I didn’t get an explanation. But I got to see something about iptables that I didn’t know about before: prerouting. Someone asked the following question:

2008-11-11 21:53:48 < deus> It is possible to use the iptables to redirect http traffic to a proxy server, for example by using iptables -t nat -A PREROUTING -p tcp -i br0 --dport 80 -j DNAT --to-destination <ip proxy>:3128 But how does the proxy server know which site he has to lookup since the destination is changed to its own address?

I didn’t know the answer to that, guess it works via the HTTP protocol itself, but well, perhaps I’ll find this out some other time. But while I was looking into this prerouting thingy I found a nice blog post about using prerouting for flash remoting. I’ve no use for this information yet, but you never know.

The proxy “knows” because it is asked for a specific site.
This is normal http behaviour, iptables does not alter any of this. You connect to an IP address, then “ask” for the site http://www.abc.tld, the server returns the right page. The proxy intercepts this and proxies (e.g. re-does the request on your behalf to the destination server).
Missed this earlier :-/
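
The behaviour described in the comment above, as an added example that is not part of the original post or its comments: after the DNAT rule rewrites the destination, the proxy reads the site from the HTTP request itself and refuses requests where that site is missing or ambiguous. The function name `requested_site` and the sample request are constructed for illustration.

```python
from urllib.parse import urlsplit

def requested_site(raw: bytes) -> tuple[str, int, str]:
    """Return (host, port, path) named by a plain-HTTP request head.

    Raises ValueError when the site is missing or ambiguous, so the
    proxy can answer 400 instead of guessing.
    """
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    request_line, *header_lines = head.split("\r\n")
    parts = request_line.split(" ")
    if len(parts) != 3:
        raise ValueError("malformed request line")
    _method, target, _version = parts

    # Collect every Host header; more than one is ambiguous.
    hosts = [value.strip()
             for name, _, value in (h.partition(":") for h in header_lines)
             if name.strip().lower() == "host"]
    if len(hosts) > 1:
        raise ValueError("multiple Host headers")

    if target.lower().startswith("http://"):
        # Absolute-form target (client explicitly configured to use a proxy).
        url = urlsplit(target)
        authority = url.netloc
        path = (url.path or "/") + ("?" + url.query if url.query else "")
    elif hosts and hosts[0]:
        # Origin-form target (intercepted client): the Host header names the site.
        authority, path = hosts[0], target
    else:
        raise ValueError("no Host header, site unknown after DNAT")

    site = urlsplit("//" + authority)
    if not site.hostname:
        raise ValueError("empty host")
    return site.hostname, site.port or 80, path

# Constructed sample: what the proxy receives on port 3128 after the DNAT rule.
SAMPLE = (b"GET /index.html HTTP/1.1\r\n"
          b"Host: www.abc.tld\r\n"
          b"User-Agent: example\r\n\r\n")

if __name__ == "__main__":
    print(requested_site(SAMPLE))
```

The Host value is supplied by the client, so a proxy that uses it for filtering or access-control decisions should treat it as untrusted input.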